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Description 

Arrangement for capturing and evaluating data or 
signals, and method for checking the identity or 
5 authorization of a person 

In connection with the increasing spread of 
information technology systems, methods for checking 
the identity or authorization of persons are quickly 

10 becoming more important. A common feature of all known 
methods of this type is that an authorized person 
identifies himself to an information technology system 
using an item of information or a feature which is 
known only to this person or which is characteristic of 

15 this person, is unique and is unalterable. 

Biometric features, such as fingerprint 
patterns, iris patterns and similar characteristic 
properties of a person are distinguished by their 
uniqueness and unalterability . This means that any 

20 person can easily be identified by such biometric 
features using information technology systems. A secret 
password is also a characteristic feature of a person, 
so long as the password has not been given away. 
Biometric features and passwords are therefore well 

25 suited, in principle, to the aforementioned purposes. 

Modern biometric verification methods detect 
the biometric features of a person using a special 
sensor, initially in the form of raw data. Special 
algorithms can be used to extract the actual features 

3 0 from these raw data. Verification or identification 
then takes place by comparing a stored set of reference 
features with the current features. 

It is evident that the security of the method 
is essentially dependent on the raw data, the extracted 

35 sets of features or the passwords not getting into the 
hands of unauthorized parties. In systems which are 
known today, this requirement is not satisfied or is 
satisfied only insufficiently, however. The invention 
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is based on the object of improving this situation. 
This object is achieved using an arrangement for 
capturing and evaluating data or signals having 
features in accordance with claim 1 and by a method for 
5 checking the identity or authorization of a person 
having features in accordance with claim 5 . 

In this context, the invention is based on the 
idea of not transferring a person's characteristic data 
to a foreign system, but rather of capturing these data 

10 or signals using an arrangement carried by the 
authorized person, and using this arrangement to 
encrypt input data obtained by the arrangement from a 
foreign system, so that the foreign system does not 
identify authorization of the person by his features, 

15 which need to be protected, of course, but rather by 
the correct encryption of the input data. In this case, 
the whole process of feature identification and of 
input data encryption takes place within the 
arrangement, which is preferably particularly protected 

20 against unauthorized access. This effectively protects 
a person's characteristic data from misuse. 

Advantageous developments of the invention are 
the subject matter of subclaims. 

The invention is described below using 

25 preferred exemplary embodiments and with reference to a 
figure . 

Figure 1 shows, schematically, the design of a 
preferred embodiment of the invention, and at the same 
time clarifies the course of an inventive method. 

3 0 An inventive arrangement for capturing and 

evaluating data or signals, in particular for checking 
the identity or authorization of a person, etc., 
comprises a device (DE) for capturing data (D) or 
signals (S) , a device (DV) for checking the captured 

35 data or signals within the arrangement, and a device 
(KE) for encrypting input data (ED) within the 
arrangement . 
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The device for capturing data or signals may be 
a simple keyboard of a computer or communication 
terminal or of another small appliance. Of course, 
instead of a keyboard, it is also possible to use a 
5 graphical input medium, such as a pressure- sensitive 
input surface, perhaps with a display located 
underneath. Such input devices are particularly 
suitable for capturing passwords or signatures. 

The device for capturing data or signals may 

10 alternatively be a microphone, or a camera, or a 
fingerprint sensor. Further devices, in particular for 
detecting biometric features of a person, are 
conceivable. The captured data or signals may comprise 
anything from text, numerals, handwriting, words or 

15 sentences spoken through voice tests which is suitable 
for identification or for checking the authorization of 
a person. These data or signals are checked directly, 
or after extraction of feature data (MD) , by a checking 
device (DV) . In accordance with the present invention, 

20 this checking device is located within the arrangement. 
The data or signals to be checked or the feature data 
extracted therefrom therefore do not leave the 
arrangement for checking purposes. 

The user can therefore, at least as long as he 

2 5 remains the sole proprietor of the arrangement and can 
exclude intervention by unauthorized parties, be sure 
that his data cannot be misused. If the check is 
carried out successfully (positively), i.e. the 
captured data and signals indicate, for the purposes of 

30 the check, input by an authorized user, the input data 
(ED) supplied to the arrangement from the outside are 
encrypted within the arrangement using a device (KE) 
for encryption. 

An external system can now check correct 

35 encryption of the input data, and hence the identity of 
the person or his authorization, at any time. To this 
end, it is merely necessary to read and check the 
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encrypted input data. The person's characteristic data 
remain in the arrangement and are therefore protected 
from misuse. 

The personal data can be checked within the 
5 arrangement in a wide variety of different ways. First, 
it is possible for the key which is needed for 
encrypting the input data to be calculated directly 
from the captured data or signals or from the feature 
data extracted therefrom. Another option is for the 

10 feature data to be supplied to a decision function 
which directly ascertains the result of the check in 
the form of a yes/no decision. Simplest of all, by 
contrast, is probably direct comparison of the data, 
signals or feature data with reference data (RD) stored 

15 in a memory device (SE1) in the arrangement. However, 
the two aforementioned methods have the advantage that 
the data to be protected are themselves not stored in, 
the arrangement, and are thus better protected from 
misuse . 

20 If the key (K) is not calculated directly 

within the arrangement, it is advantageous for it to be 
stored in a memory device (SE2) within the arrangement. 
Another option would be to use a "hardwired" algorithm 
for encryption, in which case the key is implicitly 

25 concealed in the architecture of the circuit. However, 
this method has the drawback of more complex 
manufacture. Besides the reference data possibly stored 
in the arrangement, the explicitly stored key is the 
only person- specif ic parameter in an otherwise 

3 0 universal arrangement . 

Besides symmetrical keys, which are 
fundamentally also suitable for use in the context of 
the invention, asymmetrical key pairs are particularly 
suitable above all. In this case, the key (K) would be 

35 the private key of the authorized person, that is to 
say the key which needs to be kept secret. By contrast, 
the public key would be used to decrypt the encrypted 
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input data in a foreign information system wanting to 
check the identity or authorization of the person. 

Suitable input data (ED) are particularly 
random or pseudo- random character, number or symbol 
sequences whose correct encryption can easily be 
checked by the checking external system and which 
practically cannot be predicted or guessed by an 
attacker. The cycle period of these symbol sequences 
should also be sufficiently long, i.e. virtually 
infinitely long. 
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Patent claims 

1. An arrangement for capturing and evaluating 
data or signals, in particular for checking the 

5 identity or authorization of a person, etc., having the 
following features: 

a) a device (DE) for capturing data (D) or signals 
(S) ; 

b) a device (DV) for checking the captured data or 
10 signals within the arrangement; 

c) a device (KE) for encrypting input data (ED) 
within the arrangement . 

2. The arrangement as claimed in claim 1, in which 
the captured data or signals are checked by comparing 

15 these data or signals or feature data (MD) derived 
therefrom with reference data (RD) stored in a memory 
arrangement (SE1) within the arrangement. 

3. The arrangement as claimed in one of the 
preceding claims, in which the input data (ED) are 

2 0 encrypted using a key (K) which is stored in a memory 

device (SE2) within the arrangement. 

4 . The arrangement as claimed in one of the 
preceding claims, in which a device (MT) for 
transmitting the encrypted input data (ED) is provided. 

25 5. A method for checking the identity or 

authorization of a person, having the following steps: 

a) the person inputs a data item, which needs to be 
kept secret, into an arrangement, or the arrangement 
detects a person-specific, in particular biometric, 

3 0 feature of a person, using a sensor device; 

b) the data item which has been input or the captured 
sensor data is or are checked within the arrangement; 

c) if the result of the check is positive, input data 
are encrypted within the arrangement . 

35 6. The method as claimed in claim 5, in which the 

data item which has been input or the captured sensor 
data is /are checked by comparing these data or feature 
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data derived therefrom with reference data stored in a 
memory arrangement within the arrangement . 

7. A method as claimed in one of claims 5 or 6, in 
which the input data (ED) are encrypted using a key (K) 

5 which is stored in a memory device (SE2) within the 
arrangement . 

8. The method as claimed in one of claims 5, 6 or 
1, in which the key stored within the arrangement is a 
private key for the authorized person, and in which the 

10 encrypted input data are transmitted to a reception 
device outside the arrangement using a transmission 
device (MT) and are checked by the reception device or 
a device connected downstream thereof by decryption 
using the public key for the authorized person. 
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Abstract 

Arrangement for capturing and evaluating data or 
signals, and method for checking the identity or 
5 authorization of a person 

When checking the identity or authorization of 
a person, secret or person- specif ic data are protected 
against attacks by third parties by checking these data 
10 within a protected area. If the result of the check is 
positive, input data supplied from the outside are 
encrypted using a key stored within the protected area. 
The encrypted input data are output. The identity or 
authorization can then be checked by decryption. 

15 

Figure 1 
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Declaration and Power of Attorney For Patent Application 
Erklarung Fur Patentanmeldungen Mit Vollmacht 

German Language Declaration 



Als nachstehend benannter Erfinder erklare ich hiermit 
an Eides Statt: 



dass mein Wohnsitz, meine Postanschrift, und meine 
Staatsangehorigkeit den im Nachstehenden nach 
meinem Namen aufgefuhrten Angaben entsprechen, 



dass ich, nach bestem Wissen der ursprungliche, erste 
und alleinige Erfinder (falls nachstehend nur ein Name 
angegeben ist) Oder ein ursprunglicher, erster und 
Miterfinder (falls nachstehend mehrere Namen 
aufgefuhrt sind) des Gegenstandes bin, fur den dieser 
Antrag gestellt wird und fur den ein Patent beantragt 
wird fur die Erfindung mit dem Titet: 

Anordnung zur Erfassunq und 



Auswertunq von Paten Oder Siqnalen 
und Verfahren zur Pruefung der 
Identitaet Oder Berechtigunq einer 
Person 



deren Beschreibung 

(zutreffendes ankreuzen) 
n hier beigefugt ist. 
M am 01.02.2000 ats 
PCT intemationale Anmeldung 
PCT Anmeldungsnummer . 
eingereicht wurde und am . 



PCT/DE00/00284 



abgeandert wurde (fails tatsachlich abgeandert). 



ich bestatige hiermit, dass ich den inhait der obigen 
Patentanmeldung einschliesslich der Anspruche 
durchgesehen und verstanden habe, die eventuell 
durch einen Zusatzantrag wie oben erwahnt abgean- 
dert wurde. 



Ich erkenne meine Pfiicht zur Offenbarung irgendwel- 
cher Informationen, die fur die Prufung der vorliegen- 
den Anmeldung in Einklang mit Absatz 37, Bundes- 
gesetzbuch, Paragraph 1.56(a) von Wichtigkeit sind, 
an. 



Ich beanspruche hiermit auslandische Prioritatsvorteile 
gemass Abschnitt 35 der Zivilprozessordnung der 
Vereinigten Staaten, Paragraph 119 aller unten ange- 
gebenen Auslandsanmeidungen fur ein Patent Oder 
eine Erfindersurkunde, und habe auch alle Auslands- 
anmeidungen fur ein Patent oder eine Erfindersurkun- 
de nachstehend gekennzeichnet, die ein Anmelde- 
datum haben, das vor dem Anmeldedatum der 
Anmeldung liegt, fur die Prioritat beansprucht wird. 



As a below named inventor, l hereby declare that: 



My residence, post office address and citizenship are 
as stated below next to my name, 



I believe I am the original, first and sole inventor (if only 
one name is listed below) or an original, first and joint 
inventor (if plural names are listed below) of the 
subject matter which is claimed and for which a patent 
is sought on the invention entitled 



Arrangement for determining and 



evaluating data or signals and method 
for verifying the identity or authorisation 
of a person 



the specification of which 

(check one) 

□ is attached hereto. 

H was filed on 01.02.2000 as 



PCT international application 

PCT Application No. PCT/DE OO/00284 

and was amended on 



(if applicable) 



I hereby state that I have reviewed and understand the 
contents of the above identified specification, including 
the claims as amended by any amendment referred to 
above. 



I acknowledge the duty to disclose information which is 
material to the examination of this application in 
accordance with Title 37, Code of Federal Regulations, 
§1 .56(a). 



I hereby claim foreign priority benefits under Title 35, 
United States Code, §119 of any foreign application (s) 
for patent or inventor's certificate listed below and have 
also identified below any foreign application for patent 
or inventor's certificate having a filing date before that 
of the application on which priority is claimed: 
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German Language Declaration 


Prior foreign appplications 
Prioritat beansprucht 




Priority Claimed 


19905033.3 DE 


08.02.1999 


IE! □ 


(Number) (Country) 
(Nummer) (Land) 


(Day Month Year Filed) Yes No 
(Tag Monat Jahr eingereicht) Ja Nein 


(Number) (Country) 
(Nummer) (Land) 


□ □ 

(Day Month Year Filed) Yes No 
(Tag Monat Jahr eingereicht) Ja Nein 


(Number) (Country) 
(Nummer) (Land) 


□ □ 

(Day Month Year Filed) Yes No 
(Tag Monat Jahr eingereicht) Ja Nein 


Ich beanspruche hiermit gemass Absatz 35 der Zivil- 
prozessordnung der Vereinigten Staaten, Paragraph 
120, den Vorzug alter unten aufgefuhrten Anmel- 
dungen und falls der Gegenstand aus jedem Anspruch 
dieser Anmeldung nicht in einer fruheren 
amerikanischen Patentanmeldung taut dem ersten 
Paragraphen des Absatzes 35 der ZivilprozeBordnung 
der Vereinigten Staaten, Paragraph 122 offenbart ist, 
erkenne ich gemass Absatz 37, Bundesgesetzbuch, 
Paragraph 1.56(a) meine Pflicht zur Offenbarung von 
Informationen an, die zwischen dem Anmeldedatum 
der fruheren Anmeldung und dem nationaien oder PCT 
internationaien Anmeldedatum dieser Anmeldung 
bekannt geworden sind. 


I hereby claim the benefit under Title 35. United States 
Code. §120 of any United States application (s) listed 
below and, insofar as the subject matter of each of the 
claims of this application is not disclosed in the prior 
United States application in the manner provided by 
the first paragraph of Title 35, United States Code, 
§122, I acknowledge the duty to disclose material 
information as defined in Title 37, Code of Federal 
Regulations, §1. 56(a) which occured between the filing 
date of the prior application and the national or PCT 
international filing date of this application. 


PCT/DE00/00284 


01.02.2000 


anhanqia pending 


(Application Serial No.) 
(Anmeldeseriennummer) 


(Filing Date D, M, Y) 
(Anmeldedatum T, M, J) 


(Status) (Status) 
(patentiert, anhangig, (patented, pending, 
aufgegeben) abandoned) 


(Application Serial No.) 
(Anmeldeseriennummer) 


{Filing Date D,M,Y) 
(Anmeldedatum T, M; J) 


(Status) (Status) 
(patentiert, anhangig, (patented, pending, 
aufgeben) abandoned) 


Ich erklare hiermit, dass aile von mir in der vorliegen- 
den Erklarung gemachten Angaben nach meinem 
besten Wissen und Gewissen der vollen Wahrheit 
entsprechen, und dass ich diese eidesstattliche Erkla- 
rung in Kenntnis dessen abgebe, dass wissentlich und 
vorsatzlich falsche Angaben gemass Paragraph 1001, 
Absatz 18 der Zivilprozessordnung der Vereinigten 
Staaten von Amerika mit Geldstrafe belegt und/oder 
Gefangnis bestraft werden koennen, und dass derartig 
wissentlich und vorsatzlich falsche Angaben die Gul- 
tigkeit der vorliegenden Patentanmeldung oder eines 
darauf erteilten Patentes gefahrden konnen. 


I hereby declare that all statements made herein of my 
own knowledge are true and that all statements made 
on information and belief are believed to be true, and 
further that these statements were made with the 
knowledge that willful false statements and the like so 
made are punishable by fine or imprisonment, or both, 
under Section 1001 of Title 18 of the United States 
Code and that such willful false statements may 
jeopardize the validity of the application or any patent 
issued thereon. 




Page 2 




Form PTO-FB-240 (8-83) 


Patent and Trademark Office-U.S. DEPARTMENT OF COMMERCE 



»' ' ' ' llll II 



German Language Declaration 



VERTRETUNGSVOLLMACHT: Als benannter Erfinder 
beauftrage ich hiermit den nachstehend benannten 
Patentanwalt (oder die nachstehend benannten 
Patentanwalte) und/oder Patent-Agenten mit der 
Verfolgung der vorliegenden Patentanmeldung sowie 
mit der Abwicklung aller damit verbundenen Geschafte 
vor dem Patent- und Warenzeichenamt: (Name und 
Registrationsnummer anfuhren) 



POWER OF ATTORNEY: As a named inventor, 1 
hereby appoint the following attorney(s) and/or 
agent(s) to prosecute this application and transact all 
business in the Patent and Trademark Office 
connected therewith. (list name and registration 
number) 



Customer No. 25227 



And I hereby appoint 



Telefongesprache bitte richten an: 
(Name und Telefonnummer) 



Direct Telephone Calls to: (name and telephone 
number) 



Ext. 



Postanschrift: Send Correspondence to: 

Morrison and Foerster LLP 
2000 Pennsylvania Ave., NW 20006-1888 Washington, DC 
Telephone: (001) 202 887 1500 and Facsimile (001) 202 887 0763 

or 

Customer No. 25227 



Voller Name des einzigen oder ursarunglichen Erfinders: 

Dr. MANFRED BROMBA i - c^c 


Full name of sole or first inventor: 

Dr. MANFRED BROMBA 


UnJ^rschrift des Erfinders 1/ // Datum 

HofotrnC iHhJht^ %B&-&& 


Inventor's signature Date 


Wohnsitz / 

MUENCHEN, DEUTSCHLAND 


Residence 

MUENCHEN, GERMANY -t^e-X 


Staatsangehorigkeit 

DE 


Citizenship 

DE 


Postanschrift 

AM ISARKANAL 24 


Post Office Addess 

AM ISARKANAL 24 


81379 MUENCHEN 


81379 MUENCHEN 


Voller Name des zweiten Miterfinders {falls zutreffend): 


Full name of second joint inventor, if any: 


Unterschnft des Erfinders Datum 


Second Inventor's signature Date 


Wohnsitz 
j 


Residence 
j 


Staatsangehorigkeit 


Citizenship 


Postanschrift 


Post Office Address 







(Bitte entsprechende fnformationen und Unterschriften im (Supply similar information and signature for third and 



Faiie von dritten und weiteren Miterfindern angeben). subsequent joint inventors). 
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